This time, a problem with a critical patch relating to Microsoft's DirectShow streaming media software is leaving some Windows 2000 users unprotected, even after they've installed a patch.

Windows 2000 users who have installed Microsoft DirectX version 8.0 or 9.0 may not have actually fixed their software by installing Microsoft Security Update MS05-050, Microsoft said in a statement on its website.

The patch was released on 11 October as part of the company's monthly security fixes. It addresses a problem in DirectShow that could allow an attacker to seize control of an unpatched system. The attacker would first need to trick a user into visiting a Web page with maliciously coded Web content - a banner ad, for example - in order for this to happen, Microsoft said.

The problem with the patch is that Microsoft DirectX 8.0 or 9.0 users who may have accidentally installed the patch written for DirectX 7.0 will still be vulnerable to the underlying vulnerability, and they will not be notified of this fact.

Only a "limited" number of customers have been affected by this problem, and customers who received Update MS05-050 automatically or correctly followed the steps in Microsoft's security bulletin will not be affected, Microsoft claimed.

This is the second problem Microsoft has had with the October patches. Last week, some users ran into a variety of technical problems when they attempted to install a separate Security Update, MS05-051.